Command Injection Vulnerability in Alpine iLX-507 by Alpine Electronics
CVE-2025-8480
8HIGH
What is CVE-2025-8480?
The vulnerability in Alpine iLX-507 stems from a critical flaw in the Tidal music streaming application, where user-supplied strings are not adequately validated before execution in system calls. This allows an attacker, positioned on the same network, to exploit the vulnerability and execute arbitrary code on the device without the need for authentication, potentially compromising the device's functionality and user data.
Affected Version(s)
iLX-507 6.0.000